dnsmasq: add servers option for upstream DNS configuration (#1611)

Michael Hoang 2025-10-17 17:14:42 +00:00 committed by GitHub
commit c3211fcd0c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 31 additions and 1 deletions


@ -42,6 +42,27 @@ in
{ localhost = "127.0.0.1"; } { localhost = "127.0.0.1"; }
''; '';
}; };
services.dnsmasq.servers = mkOption {
type = types.listOf types.str;
default = [];
description = ''
List of upstream DNS servers to forward queries to.
If empty, dnsmasq will use the servers from /etc/resolv.conf.
Each entry can be:
- An IP address (e.g., "1.2.3.4")
- A domain-specific server (e.g., "/example.com/1.2.3.4")
- A server with port (e.g., "1.2.3.4#5353")
See dnsmasq(8) man page for --server option for full syntax.
'';
example = literalExpression ''
[
"8.8.8.8"
"8.8.4.4"
"/internal.example.com/192.168.1.1"
]
'';
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -53,7 +74,8 @@ in
"--listen-address=${cfg.bind}" "--listen-address=${cfg.bind}"
"--port=${toString cfg.port}" "--port=${toString cfg.port}"
"--keep-in-foreground" "--keep-in-foreground"
] ++ (mapA (domain: addr: "--address=/${domain}/${addr}") cfg.addresses); ] ++ (mapA (domain: addr: "--address=/${domain}/${addr}") cfg.addresses)
++ (map (server: "--server=${server}") cfg.servers);
serviceConfig.KeepAlive = true; serviceConfig.KeepAlive = true;
serviceConfig.RunAtLoad = true; serviceConfig.RunAtLoad = true;
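Review bot: The description of `services.dnsmasq.servers` says /etc/resolv.conf is used "if empty", which reads as though a non-empty list replaces it, but dnsmasq's `--server` only adds upstreams and the resolv.conf servers stay in use unless `--no-resolv` is passed. None of the arguments visible in the second hunk is `--no-resolv`, though the argument list starts above the hunk, so this should be confirmed against the full file. A user who sets this option to pin trusted resolvers may therefore still have queries forwarded to whatever resolv.conf holds, for example a DHCP-supplied server. I would add a sentence to the description such as `Servers listed here are used in addition to those in /etc/resolv.conf; dnsmasq stops reading that file only when run with --no-resolv.` Entries are also typed as plain `types.str` and passed through verbatim, so a malformed entry would presumably surface only when dnsmasq rejects it at start-up.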


@ -12,6 +12,10 @@ in
services.dnsmasq.addresses = { services.dnsmasq.addresses = {
localhost = "127.0.0.1"; localhost = "127.0.0.1";
}; };
services.dnsmasq.servers = [
"8.8.8.8"
"/example.com/192.168.1.1"
];
test = '' test = ''
echo >&2 "checking dnsmasq service in /Library/LaunchDaemons" echo >&2 "checking dnsmasq service in /Library/LaunchDaemons"
@ -19,6 +23,10 @@ in
grep "${dnsmasq}/bin/dnsmasq" ${config.out}/Library/LaunchDaemons/org.nixos.dnsmasq.plist grep "${dnsmasq}/bin/dnsmasq" ${config.out}/Library/LaunchDaemons/org.nixos.dnsmasq.plist
grep -F -- "--address=/localhost/127.0.0.1" ${config.out}/Library/LaunchDaemons/org.nixos.dnsmasq.plist grep -F -- "--address=/localhost/127.0.0.1" ${config.out}/Library/LaunchDaemons/org.nixos.dnsmasq.plist
echo >&2 "checking server options"
grep -F -- "--server=8.8.8.8" ${config.out}/Library/LaunchDaemons/org.nixos.dnsmasq.plist
grep -F -- "--server=/example.com/192.168.1.1" ${config.out}/Library/LaunchDaemons/org.nixos.dnsmasq.plist
echo >&2 "checking resolver config" echo >&2 "checking resolver config"
grep -F "port 53" ${config.out}/etc/resolver/localhost grep -F "port 53" ${config.out}/etc/resolver/localhost
grep -F "nameserver 127.0.0.1" ${config.out}/etc/resolver/localhost grep -F "nameserver 127.0.0.1" ${config.out}/etc/resolver/localhost
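Review bot: The port form that the option description documents (`"1.2.3.4#5353"`) is not exercised by the checks added after `echo >&2 "checking server options"`; only the plain-address and domain-specific forms are covered. Adding that entry to `services.dnsmasq.servers` in this test, with a matching `grep -F -- "--server=1.2.3.4#5353"` line, would confirm that the `#` reaches the plist unchanged. The `test` string starts above the second hunk, so the surrounding checks are only partly visible here.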